FeedNVDv2

This feed pulls CVE information from the NIST National Vulnerability Database using v2.0 of the API. By default, CVEs with a REJECTED status are excluded. Enable 'Include Rejected CVEs' to ingest them. This integration/feed deprecates the original National Vulnerability Database Feed integraiton as v1.0 of the API is being sunsetted in 2023.

Data Enrichment & Threat Intelligence · NVD Feed 2.0 · Feed

Configuration parameters

  • feed — Fetch indicators
  • apiKey
  • keyword_search — Keyword Search
  • cvssv3severity — CVSS 3 Severity Filter
  • cvss_severity — CVSS Severity Filter
  • cvss_versions — CVSS Versions
  • max_indicators — Max Indicators Per Fetch (required)
  • first_fetch — First fetch time
  • hasKev — Return Known Exploited Vulnerabilities (KEV) only.
  • include_rejected — Include Rejected CVEs
  • feedIncremental — Incremental feed
  • feedReliability — Source Reliability (required)
  • feedReputation — Indicator Reputation
  • feedExpirationPolicy
  • feedFetchInterval — Feed Fetch Interval
  • feedExpirationInterval
  • feedBypassExclusionList — Bypass exclusion list
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings
  • feedTags — Tags
  • tlp_color — Traffic Light Protocol Color

Commands (1)

  • nvd-get-indicators

    Manually retrieve CVEs from NVD using the history parameter for the duration back to fetch. CVSS severity and version filters can be overridden for this command.